Identity Management: Get Your Head out of the Cloud

Kelly Strain

cloud

Stormpath customers are experiencing first hand the repercussions of using a multi-tenant cloud hosted API. The company was acquired and users have to get data out, fast. By 8/17/2017 to be exact.

A recent article by ProgrammableWeb discusses the dangers of using third-party APIs, however they fail to mention ways to avoid this danger. The answer is not to stop using cloud APIs, nor is it to only select API’s from tech giants like Amazon, Google or Microsoft. Before choosing your identity and user management provider consider the deployment options.

On-Premise

Despite increasing cloud popularity, many companies still prefer (or require) an on-premise solutions.

Regulatory Requirements

Certain organizations face regulatory requirements that demand an on-premise solution. Regulatory controls and legal requirements vary depending on the industry, but many companies fall into this category. A third-party cloud vendor may not fit the compliance requirements for a particular organization within the finance or pharmaceutical sector.

Control

An on-premise solution can insulate you from issues Stormpath customers are now faced with. By installing the software on your servers (real or cloud-based) you gain control over:

  • User data
  • Access
  • Security
  • Upgrades

If the company shuts down or is acquired, you can likely continue using software since it is running on your servers. If this is not the case, the user data is yours and can easily be removed at your discretion.

Cloud

How do you protect your data? How do you ensure that you are the only one seeing your user data?

Multi-Tenant vs. Single-Tenant

Multi-tenant is an architecture where multiple companies store their data within the same instance. With single-tenant, each company has their own individual instance. With a single-tenant solution you receive maximum privacy. The risk of another business accidentally receiving data that doesn’t belong to them is eliminated. Each customer’s user data is separate and secure.

When considering cloud solutions, it is always important to prepare for the worst-case scenario. You should think about how you will get your data out of the cloud, before you ever put it in there.  In the event of an API shutdown, data recovery is much easier when each customer’s data is isolated in a single-tenant cloud.

Flexible Hosting (with a pitch)

Passport offers on-premise or single tenant cloud hosting. With these options, you have the ability to choose which deployment best meets your business or application needs. In addition, you have the flexibility to change your mind down the road.

Start Migrating from Stormpath to Passport today. Or sign up for a free Passport trial.

Stormpath has been acquired by Okta

Kelly Strain

stormpath

What we know

Stormpath has been acquired by Okta.

  • The Stormpath APIs will remain in service until August 17, 2017 at noon PST. On that date and time, Stormpath APIs will be shut down.
  • The Stormpath SDKs will be in maintenance mode until August 17, 2017 when they will be decommissioned.
  • Stormpath users will be able to migrate their data into Okta, and may also export their Stormpath data to use as desired.

Current Stormpath users must migrate – whether it be to Okta or a different provider altogether. We understand this is a challenge, a challenge you most likely did not see coming in the near future.

You have 6 months to choose a provider that best meets your business needs, export existing users and be up and running with minimal end user disruption. We are here to help. Continue reading

Meetup: Authentication as a Microservice 

Kelly Strain

meetup-authentication

Inversoft’s founder and CEO, Brian Pontarelli, will be speaking on Authentication as a Micro-Service at Code Talent.

Authentication is a core piece of many applications. However, it has traditionally been handled in a monolithic manner. Moving to micro-services means that applications now need to decouple authentication, user management and user data.

What we’ll cover at the meetup:

  • Most common pitfalls of authentication and authorization as a microservice
  • How to break apart your architecture and build services for user management features
  • Portable user identity tokens

Continue reading

HackedThat: Minding the backdoor

Daniel DeGroff

Hack This

Earlier this summer, we published a comprehensive Guide to User Data Security detailing steps to harden a server and secure applications. We provisioned a couple Linode servers and hardened them to the guides specifications to stand by our claim. We shared the IP addresses and proposed a challenge. 

Github: https://github.com/inversoft/2016-security-scripts

Hack This: https://hackthis.inversoft.com

We dared anyone to hack our database. To add incentive, we offered a fully loaded MacBook Pro as a reward. 

Continue reading

Tags:
None

Get in Our Shirt!

Kelly Strain

Inversoft is giving away free T-shirts. No credit card required. No sales call. No strings attached, really.

user rock shirt

We love developers so much that we want you to have one of our (super soft, kicka$$) shirts when you sign up for Passport. Sign up today and get your free shirt. It’s that easy.

Passport becomes a complete user backend, providing important user management features via a simple REST JSON API.  Why reinvent the wheel by building login, registration, single sign on and more? We build the features. You launch your application. Simple. Every application can benefit from Passport – whether you have 100 users or 100 million users. (Here’s why) Once you see how easy it is to integrate with Passport (use our client libraries/SDKs for fast integrations) using Passport will be a no-brainer.

How to Get the Free Shirt:

  1. Try Passport here.
  2. Click Register Now to create a new account.
  3. On the registration page check the free t-shirt box. Please enter your preferred size and address.
  4. Install (or let us install) Passport and begin adding users.
  5. Check your mail for your free t-shirt!

Shirt SignUp

NO credit card or purchase necessary. We want you to try our product and would greatly appreciate your valuable feedback. Please tweet and spread the word. We know Passport is awesome and think you’ll agree.

Please note: We can only ship shirts to users who live in the United States at the moment. Apologies to our international users.

Free Passport Developers License

We want to remind you that we still offer a free developers license with our on-premise (server) Passport solution.

Try it now. 

What’s Included:

  • All the features of Passport User Database and Management API
  • No time limit
  • Free for non-production use (up to 50 active users)
  • And of course, a free T-shirt with sign up
Tags:
Passport